Slashdot Mirror

Not that one is better than the other, but I use Avast which is also free and has worked well for me on both Windows and Linux.

I am currently running knoppix from a cd, that's my general preference as well. Which should be a viable option for windows by the way, a highly usable live cd version of windows would be a great boon to a number of people, one of the many things our friends in redmond haven't pursued. Comparing apples to apples, there is no way to run as a non-root user in windows, if you have access to the drive you have access pretty much, that is, you can't keep a user from running software that causes registry entries, and thus there is no security model, as the windows registry is pretty much the holy grail of owning the windows box. I have the option of removing software with which there are known security issues but no patches available on an installed linux system, you have that option as well, as long as there isn't a microsoft line of bs about it being an integral part of the OS. So if you have a windows box and there's a IE vunerability you have no supported option for removing IE, and if redmond has decided they aren't going to fix it, you're out of luck. I suppose you could simply implement a policy that IE is never used, although this relegates you to manually managing updates, as IE is the automated tool for Windows updates. Lets get away from "infected", lets use "should be treated as compromised", in my experience these machines are "infected" but lets implement a policy of "treating a machine as compromised" that has been a situation where someone with malicous intent could have run arbitrary code. I think that your average linux box has a life expectancy about 1000 times as long as your windows box, before it should be "treated as compromised" under such a policy. We can even wait for evidence, we won't "treat as compromised" the windows box until we have a registry change we can't explain, or a logfile entry that we don't know what is. Or unexplained network traffic from the box.

As to how the hijacking occurred, I suspect that there was a vunerablity in IE that was still unpatched after windows updates had been run, and that one or more of the four manufacturers websites I went to had compromised webservers, probably related to under-patched IIS installations. This machine was running no services and was NATted a couple of times, including running by itself on the second NATted subnet. Unless I was a the stupid user, doing something stupid by running windows updates and downloading hardware drivers, there was no stupid user intervention on this install. Sitting far away across the Internet, I am better equipped to determine than anyone trusting in the security of an unpatched windows box with no anti-virus protection of the status of that box, if he believes he's "clean as a whistle". I've seen Windows compromised repeatedly by people using it without having done anything paticularly "stupid" . Blaming the user seems to be the windows model of security, but I find this to only be reasonable if you agree that windows is insecure if you "USE" it, and thus all the problems are the "USE"rs fault. I tend to believe that I know what I am doing and I don't find Windows to be "perfectly" anything, paticularly usable. I am guessing that you have not tried avast's BART product, as I suggested to the original poster, if you'll give it a try, I think you'll find otherwise unknown but quite verifiable malware running on your machine as well. http://avast.com/eng/buy_avast_bart_cd_vi.html

Anyone try Avast! ?

and avast Free Edition
http://avast.com/

On the other hand, the question is about windows. Here's the best freeware list I've found, taken off of the neowin.net forums. These are not guaranteed Clean, but most of them are. Also, you might want to check tinyapps.org, which specializes in SMALL apps (usually not enough space for ad/spyware).
Category 3D Graphics: ----JunkCharactersToDefeatLameness/CharacterCountF ilterForAValidList----
3Delight Free - http://www.3delight.com/index.htm
Anim8or - http://www.anim8or.com/
Aqsis - http://www.aqsis.com/
Blender - http://www.blender3d.org/
gmax - http://www.discreet.com/products/gmax/
Houdini (Free Edition) - http://www.sidefx.com/apprentice/index.html
Maya Personal Learning Ed. - http://www.alias.com/eng/products-services...ple/i ndex.shtml
Now3D - http://digilander.libero.it/giulios/Eng/homepage.h tm
OpenFX - http://www.openfx.org
SOFTIMAGE|XSI EXP - http://www.softimage.com/products/exp/v3/
Toxic - http://www.toxicengine.org/
Wings 3D - http://www.wings3d.com/
Category Anti-Virus:----JunkCharactersToDefeatLameness/Char acterCountFilterForAValidList----
AntiVir - http://www.free-av.com/
Avast - http://www.avast.com/i_idt_1018.html
AVG - http://www.grisoft.com/
ClamWin - http://www.clamwin.com/
Category Anti Spyware:----JunkCharactersToDefeatLameness/Charact erCountFilterForAValidList----
Ad-aware - http://www.lavasoft.de/software/adaware/
Bazooka - http://www.kephyr.com/spywarescanner/index.html
Diet K - http://www.dietk.com/
SpyBot Search & Destroy - http://spybot.safer-networking.de/
SpywareBlaster - http://www.javacoolsoftware.com/spywareblaster.htm l
SpywareGuard - http://www.wilderssecurity.net/spywareguard.html
Category IRC Clients:----JunkCharactersToDefeatLameness/Charact erCountFilterForAValidList----
BersIRC - http://www.bersirc.com/
BitchX - http://bitchx.org/download.php
HydraIRC - http://www.hydrairc.com/
TinyIRC - http://www.tinyirc.net/
XChat - http://www.silverex.org/news/
Category Audio Players:----JunkCharactersToDefeatLameness/Charact erCountFilterForAValidList----
1by1 - http://www.rz.uni-frankfurt.de/~pesch
Billy - http://www.sheepfriends.com/?page=billy
CoolPlayer - http://coolplayer.sourceforge.net/
DeliPlayer. http://www.deliplayer.com/
Foobar 2

Avast Home Edition

Avast.com has a knoppix disk setup with a windows virus scan on the disk, among other useful things. Unfortunately it is a big bucks item, but very appropriate and useful for sysadmins

Avast.com has a knoppix disk setup with a windows virus scan on the disk, among other useful things. Unfortunately it is a big bucks item, but very appropriate and useful for sysadmins

You insensitive clod, not all people want NT 4 SP2 on their win 98 boxes.

Seriously though, the first thing which goes on is the latest McAfee Stinger. When that's wiped out most of the viruses, I uninstall their out-of-date Norton - so many people don't realise that the major antivirus vendors are on a rental model and just buy the product and expect it to last forever. Then Avast! Personal Edition goes on, and the PC is fully scanned. After that comes Spybot and Ad-Aware. I use both because each product has its stregths and weaknesses. All of this is done form a CD burnt with the latest patterns so no internet connectivity happens until their PC has been cleaned. And then Sygate Personal Firewall completes the mix of security products.

After that comes Thunderbird and Firefox, The GIMP and Audacity (if they are into that sort of thing. And of course we musn't forget IrfanView.

Ok, but what about the other person who looks at the same issue and then decides to, instead of switching away from IE, install SpyBot (which is free), plus a great free (for home use) antivirus (Avast Home Edition).

These seem like steps one should take no matter what browser one uses. SpyBot can even trap spyware right before it's installed... So if one went thos route, there is little incentive to switch away from your browser, which works, and whose interface you are familiar with.

Ya know, if it does end up having a negative effect on eTrust antivirus, then switch to avast!

It's just as good in terms of ability to stop viruses as the big two (Norton and McAfee) but is much smaller and efficient. Not to mention that they give non-commercial users a free license.

Check it out.

Avast is very good. You may like the cost. Other than that Panda is the best. Mcafee/Norton are getting worse as they expand their product line.


would you like to

I've found the following helpful for the no-budget set:

Avast Home Edition Virus Scanner

Spybot Search and Destroy

HijackTHIS - Find out whats in your PC. (semi-advanced)
The site for HiJackThis seems to be down for now. THere are a few other little nifty freebie aps in there, too. Heres a mirror download site

AdAware - picks up a lot of crap in your PC

(Anyone wanna offer up a few opinions on this stuff? You know you do.)

Of course, the obligatory comment of "Use Mozilla, keep your shit patched, don't click every OK button you see" still applies.

http://www.avast.com/eng/avast_4_home.html Home version is free

He went down the merry path of trying to rescue the system in order to keep customer data intact. The story is typical of someone who is entering the fray without have their tools prepared in advance. The solution always looks easier than it really is.

In his case, he needed

• a CD with all of the relevent tools and updates
• a windows boot disk with CD support
• an understanding of the windows command line in order to copy a subset of these tools to a convenient folder on the hard drive from the CD
• The knowledge to run these tools from Safe mode, and how to get there in the first place
• Include in the subset of tools one that can fix the broken LSP setup.

  [LSP or Layered Service Provider is a piece of software that can be inserted into the Windows TCP/IP handler like a link in a chain. However, due to bugs in the LSP software or deletion of the software, this chain can get broken, rendering the user unable to access the Internet. Spyware is good at this, and some cleaners leave a broken LSP behind.

  With the correct tool, the fix takes seconds. Without the tool, you need to uninstall and re-install the winsocket, or else the same with the entire network support. Otherwise you fall into the trap this poor bloke got into.]

My current recommended free antivirus is Avast! Home Edition [avast.com], which is very low maintenance for the home user, and requires registration for the free license. It also protect a number of common Instant Messenger clients, as well as several common P2P clients. It is better than AVG in my opinion, and detects many trojans as well as spyware.

You can get a system that is so hosed that it will not boot, not even into safe mode, even under XP. The solution there to remove the hard drive, drop it into an external drive enclosure, and hook it up to another system where you can use scanning software to do a basic clean so you can boot in the original configuration. Once it boots you can install cleaners from safe mode, and then run cleaners from inside every user account. Note that you still need to run the clean from inside each user account because otherwise things will hide in the seperate user folders.

Re: the LSP chain break -- HijackThis can sometimes fix it. Otherwise, Spybot can fix it. Xblock will also fix it. [xblock is an excellent first pass cleaner, with a freeware version available). (Spybot second, AdAware third)I always use more than one scanner, and scan multiple times.] Immunisers such as SpywareBlaster are also nice. All of these packages are mentioned at spywareinfo.com, which sometimes goes under due to DDOS problems from people who do not like the services they provide. (insert obligatory plug for someone to help them out, one way or another.)

In his case, he needed

• a CD with all of the relevent tools and updates
• a windows boot disk with CD support
• an understanding of the windows command line in order to copy a subset of these tools to a convenient folder on the hard drive from the CD
• The knowledge to run these tools from Safe mode, and how to get there in the first place
• Include in the subset of tools one that can fix the broken LSP setup.

  [LSP or Layered Service Provider is a piece of software that can be inserted into the Windows TCP/IP handler like a link in a chain. However, due to bugs in the LSP software or deletion of the software, this chain can get broken, rendering the user unable to access the Internet. Spyware is good at this, and some cleaners leave a broken LSP behind.

  With the correct tool, the fix takes seconds. Without the tool, you need to uninstall and re-install the winsocket, or else the same with the entire network support. Otherwise you fall into the trap this poor bloke got into.]

My current recommended free antivirus is Avast! Home Edition, which is very low maintenance for the home user, and requires registration for the free license. It also protect a number of common Instant Messenger clients, as well as several common P2P clients. It is better than AVG in my opinion, and detects many trojans as well as spyware.

You can get a system that is so hosed that it will not boot, not even into safe mode, even under XP. The solution there to remove the hard drive, drop it into an external drive enclosure, and hook it up to another system where you can use scanning software to do a basic clean so you can boot in the original configuration. Once it boots you can install cleaners from safe mode, and then run cleaners from inside every user account.

http://www.avast.com/

Free as in beer and updates itself automagically.

Most people won't switch, because they have been using Win, Office and IE at home and in the office for five or more years. People are simply USED to this set of applications and are not keen to learn something new - no matter how geeky, secure and cool it is.

And to give my opinion, most people don't have a single reason to change, and most people ARE happy with Microsoft's software. Funny that most of MS bashers here are Linux users who have no experience of Windows whatsoever. "Windows is unsecure and crashes all the time blah blah blah". Bullshit. I have never, _never_ got virus, spy, or adware on my Windows XP installation, and it crashes less than Linux. Last crash was about 6 months ago last time due early Ati drivers.

With Linux, it is not really hard to make system lockup. Just modprobe some broken or wrong driver, X has changes to halt whole machine (happened to me many times) and so on. Sorry Zealots, your Linux is not a perfect solution for computing problems at home.

Securing Windows is seriously not that hard. Few steps and little bit of Common Sense(tm) and you're fine:

1) Firewall on. Yes, it's stupid design to have RPC services listening and you cannot even shut them down. This anyway is fixed with Firewall. Such as Zonealarm. I use both two, XP's builtin along with Zonealarm in case Zonealarm crashes or sumthing.

2) Get the patches. Not that hard. WindowsUpdate is easy to use.

3) Get antivirus, just in case. For example http://www.avast.com has free-for-home-usage virusscanner which does good job.

4) Don't use IE or Outlook :) This alone shuts down most of Windows'es security holes. Get your internet apps from Mozilla.

Also some common sense using pirated software (best thing is to NOT use any, like I don't), most of the spyware comes from Kazaa. Don't download russian-mafia-pirated games. Those are not clean. If you do, blame yourself.

And before all Linux Zealots start once again shouting about MS Office's price blablabla, For Your Information, OpenOffice is available for Windows too. That's right! Amazing, isn't it? No need to pay anything. There is alot of free and open source software for Windows. Alot. ALOT!

Not meant to be troll, I am just sick and tired of hearing FUD from Linux Zealots who have no experience on Windows or they don't know how to use it. Some basics on Windows security are good to know, and what steps to take to secure it. You need to do securing steps on Linux, especially on Linux servers too (Apache on default settings, running as root for example is not wise). Even pretty much any Linux distribution is safer out of box than XP, it doesn't mean Windows is impossible or even hard to secure up.

>MATIE is what the RIAA and MPAA are using to track down all those darned pirates.

And of course, they protect the server from viruses with Avast.

I use Avast, it works just as well and is free. I switched from Norton after not wanting to pay every year. It catches all the virii my girlfriend manages to get into the computer (about 2 a week lately).

Another useful program is Mailwasher (there is also a non-pro version). Shows all your mail on the server, including the virii (which it labels) so you can delete them without downloading them into your inbox (it is also great for spam, but turn off the 'bounce' function).

I've found that most folks like to be told how to make their computers more secure and decrease their chances of infection/spyware...

I have made it standard practice to install 3 applications on all Windoze machines that I fix anything on...

1) Install Avast! Home Edition and set it to do automatic updates of both the Core Program and Virus Database. Because most people don't pay for Anti-Virus upgrades after their free trial version runs out...not to mention the fact that Avast! is better than Norton and most for-pay AV apps anyhow...

2) Install Spybot Search & Destroy and make sure that the primary user(s) see what the result of the initial scan is (shock value) with instructions on how to use the app...

3) Install FireFox (no link needed) with the follofing userContent.css...

If they still insist on using IE I will install Google Toolbar and enable popup blocking...

I then proceed to replace any spyware apps with free non-spyware apps (WeatherBug -> Weather Pulse, etc)

As for a firewall, I talked most into buying a wireless router (generally a cheap 802.11b router) to use as a firewall and future network upgrades. I don't think any windoze software firewalls are very good...IPTables is about the ONLY software firewall that I trust...

After doing this, I find that these systems stay fairly clean and have much fewer problems. Not to mention the owners of said machines tend to be much happier afterward.

An excellent free antivirus app that I haven't seen mentioned is avast!.

Of course, one could always convert their parents to GNU/Linux. :-)

It's got auto-updates, Outlook add-on module, etc. All good. They want some info in lieu of registration, but it's non-spammy/invasive

You can download it from here if you're so inclined.

Disclaimer: I have nothing to do with Avast, beyond being a quite satisfied user of their software.

It's got auto-updates, Outlook add-on module, etc. All good. They want some info in lieu of registration, but it's non-spammy/invasive

You can download it from here if you're so inclined.

Disclaimer: I have nothing to do with Avast, beyond being a quite satisfied user of their software.

They already have it. anti-virus for PDAs, despite there being no really worthwhile vectors for viruses to spread over the PDA format. After all, you never really sync more than one PDA to the same computer (though you likely sync multiple computers to the same PDA).

I especially enjoy the sales verbage..."The importance of PDAs is growing every day and it is quite likely that these devices will soon become a target for new virus attacks." In other words, "there's currently nothing for the this product to do, but if it ever does become worthwhile, it'll do it after you download something else." Begs the question: why not wait until it becomes an issue, THEN download it? Seems you'd save some money that way, eh?

Oh, and the cost? $20 for a year of nothing. Tell you what, guys...if you're in the market for PDA antivirus protection, I'll beat that price. I'll do nothing for only $10 a year.

After a quick scan of some posts, here are a few programs others have recommended:

avast! 4 for Linux Currently in beta so I have no idea what the cost will be. Windows versions are $399 US for a single server.

Clam AV A GPL'd virus scanner. Looks like pretty good AV software for open-source. Definitions are updated many times a week through submissions from the community. I think I'm going to have to check this one out myself as it looks promising.

F-Prot Anti-Virus for Linux Pricing is based on number of users; $299 for 1-24, $399 25-49, $499 50-99.

Kaspersky Anti-Virus Pricing is per-user. $10.05/user for 100 users. Unfortunately, they don't have a direct page for the Linux mail server software. I had to go to the online store for pricing.

If anybody knows more, post them here.

I think RAV offered more features than ClamAV...ClamAV is more concerned about Windoze E-Mail viruses. If you want something that is probably a lot closer to the functionality of the old RAV, try avast! 4 for Linux...it's currently still in beta, but it looks to be pretty good...

As a side note, I run ClamAV as an E-Mail scanner on a Solaris installation and love it for mail scanning...

Does it work with Avast!??? This is the scanner that I install and recommend, as it is free for personal use...

I would like to know if I need to start recommending another scanner...or better yet...Linux :)

Problem is there is no real elimination of bad species in internet evolution. An infected (or insecure) computer should "die" (being kicked off the net, until it's no longer infected or insecure). Without real evolution, there isn't going to change much.

ISPs should play a bigger role in this. A month or 2 ago my provider started with a anti-virus service on email. When I receive a virus, it is block on their server. Anything that would leak through would be captured by my virusscanner. (which can be downloaded free on Avast) This is all very nice, but the virus sender still keeps sending their infected mails, but with fake email-headers, there isn't much to do against it, except installing virus scanners on every computer linked to the net (that's why I included the link).

I think the first step to deal with many internet problems would be a more secure email system. If it would be made impossible to fake email headers, several problems (spam, [viruses|virii|virux|viruss]) would be much easier to deal with.
I don't believe solid email headers would kill off the anonymous nature of internet. A "normal" header contains enough info to indentify the originator for those who have access to ISP logs.

Not only did you fail to link to Avast, but you also used an incorrect pluralization of virus, and spelled it wrong to boot!

Consequently, YOU FAIL IT. HAND.

AVG is total rubbish compared to Avast!, which is also free for personal use. Highly recommended.

I also recommend the image viewer IrfanView, the Filezilla ftp client and server, Audacity, The GIMP for Windows, the ConText text editor, the KiXtart scripting tool, GAIM for Windows, and that's just for starters.

Mozilla, powerful and free web browser/mail suite.
OpenOffice, powerful office suite.
Ad-Aware for keeping spyware (Gator etc) out.
BitTorrent for all your P2P needs.
ZomeAlarm a good firewall.
Avast! Antivirus good AV app, free for home use.
TextPad powerful and easy-to-use text editor.
SmartFTP powerful and free FTP client.

On top of these, I always install these non-free apps (non-development related):
Paint Shop Pro all the relevant functionality from Photoshop at a much better price.
Klient the best IRC client. Ever.

Some people have mentioned:
CygWin - a home, non-dev PC doesn't need it
VNC - a home, non-dev PC doesn't need it, and it has security issues
Dev-C++ - not needed on a home PC, it's for development.
NetHack - huh!?
Boingo - the article submitter didn't mention anything about having a WLAN card, so why would he need to find hotspots?
Winamp - redundant since Microsoft released WMP9, which I've found to be just as fast, more stable than WA3, and better at playing movies. Of course, YMMV, and some people prefer to stay away from MS stuff for ideological reasons.

I also use AVG.
My father uses Avast (www.avast.com/), which is another free anti-virus.

So far we've seen people mention Grisoft's AVG (which I use at home), Avast, and even F-prot for DOS - but I haven't seen anyone mention this yet

Housecall - online virus scanner-- got someone who thinks they have a virus? Just send em to this site, while it doesn't prevent viruses, it will tell you if any show up! Its good in a pinch, and if you think your current virus scanner might be missing something.

Er, freeware anyone? Try avast for example - it's free for home (desktop) use, and has free definition updates as long as ye register.

I personally can't see what extra features would make me fork out on a costly alternative, that i can only install on one machine due to product activation, even though i have more that one pc at home...

Yes, Avast 4 Home Edition rocks! Small incremental pattern updates released frquently - 3 updates in the last 3 days. On the one occasion I've experienced where a update resulted in false positives, the fixed patterns were there within a few hours. Good stuff.

then Alwil Software supplies the Avast antivirus package: avast.com
I haven't tried it and have no idea if it's any good, but it's free!